Hi Alessandro, It looks good to me; thanks for addressing my comments!
Best, /Marco ________________________________ From: Alessandro Vesely <[email protected]> Sent: Monday, December 1, 2025 7:13 PM To: dmarc-ietf <[email protected]>; [email protected] <[email protected]> Cc: Christian Huitema <[email protected]>; Marco Tiloca <[email protected]>; Tim Wicinski <[email protected]> Subject: Changes after draft-ietf-dmarc-failure-reporting-20 ietf last call reviews Hi all, I just modified the GitHub Repository to address three reviews I received. Please see the commit: https://eur05.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fietf-wg-dmarc%2Fdraft-ietf-dmarc-failure-reporting%2Fcommit%2Ff11312141e40ce3ef34622e4d66638f95611089a&data=05%7C02%7Cmarco.tiloca%40ri.se%7C2b204655c5d04ad1eb5608de310563cb%7C5a9809cf0bcb413a838a09ecc40cc9e8%7C0%7C0%7C639002096411428879%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=DgNq%2FDwRrQSRTmHlZKzdDZFnYBtQ91zE2dCgnZ82Gzk%3D&reserved=0<https://github.com/ietf-wg-dmarc/draft-ietf-dmarc-failure-reporting/commit/f11312141e40ce3ef34622e4d66638f95611089a> A couple of hints couldn't be addressed: Christian Huitema wrote: > Second nit: the privacy consideration rightly point out the > privacy risk of reporting failures. The DMARC bis draft clearly states > that sending the failure reports is optional. To quote, "Experience > has shown, however, that Mail Receivers rightly concerned about > protecting user privacy have either chosen to heavily redact the > information in such reports (which can hinder their usefulness) or > not send them at all." It would be very nice if some form of > this advice was repeated in the introduction. The last sentences of the Introduction are as follows: It is important to note that these reports can contain the header fields or sometimes the entire content of a failed message, which may contain personally identifiable information (PII). The potential disclosure of PII should be considered when deciding whether to request failure reports as a Domain Owner, or what information to include or redact in failure reports when creating them as a Mail Receiver, or whether to create failure reports at all; see Section 7. This seems to already address the point, so I didn't add more. Tim Wicinski wrote: > Optional editorial suggestions (e.g., acronym expansions or grammar fixes). > > - **Example**: > > > *Abstract*: Expand "NFV" on first use. > > > Section 3.1: "it’s" -> "its".* I didn't find these. Shall I post -21 as is? Thanks everybody. Best Ale --
_______________________________________________ dmarc mailing list -- [email protected] To unsubscribe send an email to [email protected]
